Question

我有这段代码：

$allowed_host = 'domain.com';
$host = parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST);

if(substr($host, 0 - strlen($allowed_host)) == $allowed_host) {
  echo "ok";
} else {
  echo "not ok";
  exit();
}

此代码基于域但我如何检查域和php文件？

If referrer page: domain.com/fromok.php {echo "ok";} else {echo "not ok";}

Answer 1

如果请求主机名以'domian.com'结尾，您的代码将“ok”，例如，如果它是'adomian.com'。我假设你不想要它。

您可以使用

$allowed_host = 'domain.com';
$allowed_path = '/fromok.php';
$url_components = parse_url($_SERVER['HTTP_REFERER']);

if((($url_components['host'] === $allowed_host) || (substr($url_components['host'], - (strlen($allowed_host) + 1) === '.' . $allowed_host)) && ($url_components['path'] === $allowed_path)) {
  echo "ok";
} else {
  echo "not ok";
  exit();
}

PHP referrer域和子文件

1 个答案: